Managing passwords for multiple WHM/cPanel accounts can be a daunting task, especially if you need to update them regularly for security reasons. Instead of manually changing passwords one by one, you can automate the process using a simple shell script. This guide will walk you through how to generate strong, random passwords for multiple accounts, update them, and save the new passwords for future reference.
Prerequisites
Before you start, ensure you have the following:
- Access to your WHM server with root privileges.
- A list of the usernames you want to update.
- Basic knowledge of using the command line.
Step 1: Create a List of Usernames
The first step is to create a file containing the usernames of the accounts you want to update. This file should have one username per line. For example:
usernames.txt:
user1
user2
user3
user4
user5Save this file in the same directory where you’ll place the script.
Step 2: Write the Shell Script
Next, you’ll write a shell script that will loop through each username, generate a strong random password, update the account’s password using WHM’s API, and save the new password in a file.
The Script: update_passwords.sh
#!/bin/bash
# File containing the list of usernames (one per line)
USERNAMES_FILE="usernames.txt"
# File to save the updated passwords
PASSWORDS_FILE="updated_passwords.txt"
# Function to generate a random password
generate_password() {
# You can adjust the length and complexity of the password by changing the options here
openssl rand -base64 12
}
# Clear the passwords file if it exists
> "$PASSWORDS_FILE"
# Loop through each username in the file and update the password
while IFS= read -r username; do
if [[ -n "$username" ]]; then
# Generate a strong random password
NEW_PASSWORD=$(generate_password)
# Update the password for the user
echo "Updating password for $username"
whmapi1 --output=jsonpretty passwd user="$username" password="$NEW_PASSWORD"
# Save the username and password in the passwords file
echo "$username : $NEW_PASSWORD" >> "$PASSWORDS_FILE"
fi
done < "$USERNAMES_FILE"
echo "Password update complete for all users. Passwords saved in $PASSWORDS_FILE."How It Works:
- Username List: The script reads each username from
usernames.txt. - Password Generation: It generates a strong, random password for each user using the
openssl rand -base64 12command. - Password Update: The script uses WHM’s
whmapi1command to update the user’s password. - Saving Passwords: Each username and its corresponding new password are saved in
updated_passwords.txtfor future reference.
Step 3: Execute the Script
After creating the script, give it executable permissions and run it:
chmod +x update_passwords.sh
./update_passwords.shThe script will output messages as it updates each account’s password, and once finished, it will store the new passwords in the updated_passwords.txt file.
Security Considerations
- Secure Storage: Make sure that the
updated_passwords.txtfile is stored securely, as it contains sensitive information. - Password Length and Complexity: The password generation command can be adjusted to increase the complexity or length of the passwords if needed.
- Backup: Always have a backup of your WHM/cPanel accounts before running scripts that make bulk changes.
Conclusion
Automating password updates for multiple WHM/cPanel accounts can save you time and reduce the risk of human error. With a simple script, you can generate strong, unique passwords for each account and keep a record of them for your reference. This approach not only improves security but also streamlines the management of your WHM/cPanel environment.
Happy scripting!